<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1"%>
<%@ taglib uri="http://struts.apache.org/tags-html" prefix="html"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Provide Address Information</title>
</head>
<body>
	<h1>Security Design Patterns</h1>
	<h2>Sample 1 - Mitigate Sql Injection with ESAPI : Input</h2>
	<hr>
	<html:form action="/sample1Result">
		<table>
			<tr>
				<td>Sanitize No Java Script</td>
				<td><html:checkbox property="sanitizeNoJavascript" /></td>
			</tr>
			<tr>
				<td>Validate Safe html</td>
				<td><html:checkbox property="validateForHtml" /></td>
			</tr>
			<tr>
				<td>Encoded for html in filter</td>
				<td><html:checkbox property="encodeForHtmlInFilter" /></td>
			</tr>
			<tr>
				<td>Encoded for html in Action</td>
				<td><html:checkbox property="encodeForHtmlInAction" /></td>
			</tr>
			<hr>
			<tr>
				<td>Html with JavaScript</td>
				<td><html:textarea property="htmlWithJSInScript" cols="50" rows="5" /></td>
			</tr>
			<tr>
				<td>Html with JavaScript in div</td>
				<td><html:textarea property="htmlWithJSInDiv" cols="50" rows="5" /></td>
			</tr>
		</table>
		<html:submit value="Submit"/>
	</html:form>

</body>
</html>
